PHP random string generator

 

I'm trying to create a randomized string in PHP, and I get absolutely no output with this: 

<?php
function RandomString()
{
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $randstring = '';
    for ($i = 0; $i < 10; $i++) {
        $randstring = $characters[rand(0, strlen($characters))];
    }
    return $randstring;
}
RandomString();
echo $randstring;

What am I doing wrong?

To answer this question specifically, two problems:

  • $randstring is not in scope when you echo it.
  • The characters are not getting concatenated together in the loop.

    • Here's a code snippet with the corrections: 

    function generateRandomString($length = 10) {
    $characters = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ';
    $charactersLength = strlen($characters);
    $randomString = '';
    for ($i = 0; $i < $length; $i++) {
        $randomString .= $characters[rand(0, $charactersLength - 1)];
    }
    return $randomString;
}

    Output the random string with the call below: 

    // Echo the random string.
// Optionally, you can give it a desired string length.
echo generateRandomString();

    Please note that this generates predictable random strings. If you want to create secure tokens, see this answer.

    Note: str_shuffle() internally uses rand() , which is unsuitable for cryptography purposes (eg generating random passwords). You want a secure random number generator instead. It also doesn't allow characters to repeat.

    One more way.

    UPDATED (now this generates any length of string): 

    function generateRandomString($length = 10) {
    return substr(str_shuffle(str_repeat($x='0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ', ceil($length/strlen($x)) )),1,$length);
}

echo  generateRandomString();  // OR: generateRandomString(24)

    That's it. :)

    There are a lot of answers to this question, but none of them leverage a Cryptographically Secure Pseudo-Random Number Generator (CSPRNG).

    The simple, secure, and correct answer is to use RandomLib and don't reinvent the wheel.

    For those of you who insist on inventing your own solution, PHP 7.0.0 will provide random_int() for this purpose; if you're still on PHP 5.x, we wrote a PHP 5 polyfill for random_int() so you can use the new API even before you upgrade to PHP 7.

    Safely generating random integers in PHP isn't a trivial task. You should always check with your resident StackExchange cryptography experts before you deploy a home-grown algorithm in production.

    With a secure integer generator in place, generating a random string with a CSPRNG is a walk in the park.

    Creating a Secure, Random String 

    /**
 * Generate a random string, using a cryptographically secure 
 * pseudorandom number generator (random_int)
 * 
 * For PHP 7, random_int is a PHP core function
 * For PHP 5.x, depends on https://github.com/paragonie/random_compat
 * 
 * @param int $length      How many characters do we want?
 * @param string $keyspace A string of all possible characters
 *                         to select from
 * @return string
 */
function random_str($length, $keyspace = '0123456789abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ')
{
    $pieces = [];
    $max = mb_strlen($keyspace, '8bit') - 1;
    for ($i = 0; $i < $length; ++$i) {
        $pieces []= $keyspace[random_int(0, $max)];
    }
    return implode('', $pieces);
}

    Usage : 

    $a = random_str(32);
$b = random_str(8, 'abcdefghijklmnopqrstuvwxyz');

    Demo : https://3v4l.org/b4PST (Ignore the PHP 5 failures; it needs random_compat)

    链接地址: http://www.djcxy.com/p/20592.html

    上一篇: 在Java中运行构造函数代码之前,字段是否已初始化?

    下一篇: PHP随机字符串生成器